← volver
CVE-2019-9193

CVE-2019-9193

EPSS 91.9%
In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_execute_server_program' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS. NOTE: Third parties claim/state this is not an issue because PostgreSQL functionality for ‘COPY TO/FROM PROGRAM’ is acting as intended. References state that in PostgreSQL, a superuser can execute commands as the server user without using the ‘COPY FROM PROGRAM’.
Productos afectados
n/a · n/a
PoCs públicas encontradas12
githubgithub.com/b4keSn4ke/CVE-2019-919321githubgithub.com/geniuszly/CVE-2019-91934githubgithub.com/wkjung0624/cve-2019-91933githubgithub.com/paulotrindadec/CVE-2019-91931githubgithub.com/netw0rk7/CVE-2019-9193-Home-Lab0githubgithub.com/jhnhnck/CVE-2019-91930githubgithub.com/corsisechero/CVE-2019-9193byVulHub0githubgithub.com/CybersRMUTL/CVE-2019-9193-Postgresql-RCE0exploitdbwww.exploit-db.com/exploits/46813no verificadocve_referencepacketstormsecurity.com/files/171722/PostgreSQL-9.6.1-Remote-Code-Execution.htmlno verificadocve_referencepacketstormsecurity.com/files/166540/PostgreSQL-11.7-Remote-Code-Execution.htmlno verificadocve_referencepacketstormsecurity.com/files/152757/PostgreSQL-COPY-FROM-PROGRAM-Command-Execution.htmlno verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/152757/PostgreSQL-COPY-FROM-PROGRAM-Command-Execution.htmlhttp://packetstormsecurity.com/files/166540/PostgreSQL-11.7-Remote-Code-Execution.htmlhttp://packetstormsecurity.com/files/171722/PostgreSQL-9.6.1-Remote-Code-Execution.htmlhttps://blog.hagander.net/when-a-vulnerability-is-not-a-vulnerability-244/https://medium.com/greenwolf-security/authenticated-arbitrary-command-execution-on-postgresql-9-3-latest-cd18945914d5https://paquier.xyz/postgresql-2/postgres-9-3-feature-highlight-copy-tofrom-program/https://security.netapp.com/advisory/ntap-20190502-0003/https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/authenticated-arbitrary-command-execution-on-postgresql-9-3/